HITB2007 sounds like fun.
there used to be a hoax, or maybe it was real, about a linux remote kernel exploit. well, i wouldn't know really, since i'm not into the whole exploit trading shit and i've got less contact (or none at all). but the rumors came from a source; whether it's real or not is not the real question.
i always thought remote kernel exploits ARE NOT possible (aside from wireless driver bugs). but recently CoreSec has released an advisory containing detailed information on how OpenBSD can be remotely compromised. it doesn't matter if that particular bug needs to be on the same physical layer as the target, the shit is possible (what if their cisco router got owned and the attacker did some ipv6 tunneling). unlike the remote kernel exploit for wireless drivers, this is a real deal.
since the IPv6 implementation is buggy, it wouldn't hurt to check all the other ip stack related code. it seems so easy for CoreSec to construct working exploit code. i bet they have a motherlode of remote 0days up their sleeves.
so it's not just an urban legend, it could be done. nevertheless, who defines what's possible or not anymore. every single fucking thing evolves.
p/s: reminds me of the *BSD telnetd remote vulnerability.
will update.
when spunge is working a little bit faster.
toodles.